Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown
CVE-2020-15921
Disclosure Date: July 24, 2020 (last updated February 21, 2025)
Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution.
0
Attacker Value
Unknown
CVE-2020-15919
Disclosure Date: July 24, 2020 (last updated February 21, 2025)
A Reflected Cross Site Scripting (XSS) vulnerability was discovered in Mida eFramework through 2.9.0.
0
Attacker Value
Unknown
CVE-2020-15922
Disclosure Date: July 24, 2020 (last updated February 21, 2025)
There is an OS Command Injection in Mida eFramework 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. Authentication is required.
0
Attacker Value
Unknown
CVE-2020-15918
Disclosure Date: July 24, 2020 (last updated February 21, 2025)
Multiple Stored Cross Site Scripting (XSS) vulnerabilities were discovered in Mida eFramework through 2.9.0.
0
Attacker Value
Unknown
CVE-2020-15924
Disclosure Date: July 24, 2020 (last updated February 21, 2025)
There is a SQL Injection in Mida eFramework through 2.9.0 that leads to Information Disclosure. No authentication is required. The injection point resides in one of the authentication parameters.
0
Attacker Value
Unknown
CVE-2020-15920
Disclosure Date: July 24, 2020 (last updated February 21, 2025)
There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. No authentication is required.
0
Attacker Value
Unknown
CVE-2020-15923
Disclosure Date: July 24, 2020 (last updated February 21, 2025)
Mida eFramework through 2.9.0 allows unauthenticated ../ directory traversal.
0
